Creating and destroying grant references is done by direct access to
the grant table. This removes the need to involve Xen when creating
grant references, modifying access permissions, etc. The grantee
domain will invoke hypercalls to use the grant references. Four main
operations can be accomplished by directly manipulating the table:
- Grant foreign access
- allocate a new entry in the grant table
and fill out the access permissions accordingly. The access
permissions will be looked up by Xen when the grantee attempts to
use the reference to map the granted frame.
- End foreign access
- check that the grant reference is not
currently in use, then remove the mapping permissions for the frame.
This prevents further mappings from taking place but does not allow
forced revocations of existing mappings.
- Grant foreign transfer
- allocate a new entry in the table
specifying transfer permissions for the grantee. Xen will look up
this entry when the grantee attempts to transfer a frame to the
granter.
- End foreign transfer
- remove permissions to prevent a transfer
occurring in future. If the transfer is already committed,
modifying the grant table cannot prevent it from completing.
